<%@ page contentType="text/html" pageEncoding="UTF-8"%>
<% response.setContentType("text/html; charset=UTF-8");%>
<% request.setCharacterEncoding("utf-8");%>
<%@ page import="java.sql.*" %>
<%@ page import="javax.xml.parsers.*" %>
<%@ page import="org.w3c.dom.*" %>
<%@ page import="java.io.File" %>
<%
	Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new File(getServletContext().getRealPath("/") + "web.xml"));
	doc.getDocumentElement().normalize();
	String dbhost = doc.getElementsByTagName("host").item(0).getTextContent();
	String dbport = doc.getElementsByTagName("port").item(0).getTextContent();
	String dbuser = doc.getElementsByTagName("user").item(0).getTextContent();
	String dbpass = doc.getElementsByTagName("pass").item(0).getTextContent();
	String dbname = doc.getElementsByTagName("database").item(0).getTextContent();
	String dbconnString = "jdbc:mysql://" + dbhost + ":" + dbport + "/" + dbname + "?setUnicode=true&characterEncoding=UTF-8";
	Class.forName("com.mysql.jdbc.Driver").newInstance();
	Connection dbconn = DriverManager.getConnection(dbconnString, dbuser, dbpass);
	Statement query = dbconn.createStatement();
%>

<%

	String cmnd = request.getParameter("cmnd");
	String username = request.getParameter("username");
	String password = request.getParameter("password");
	ResultSet rs = null;
	try {
		if (cmnd != null) {
			rs = query.executeQuery("select * from thisinh where cmnd = '" + cmnd + "'");
		} else {
			rs = query.executeQuery("select * from quantri where username = '" + username + "' and password = '" + password + "'");
		}
	} catch (Exception e) {
		e.getMessage();
	}

	Cookie ckCMND = new Cookie("cmnd", "");
	Cookie ckUsername = new Cookie("username", "");
	Cookie ckPassword = new Cookie("password", "");

	if (!rs.next()) {
		out.print("0"); // tài khoản không đúng
		if (cmnd != null) {
			ckCMND.setMaxAge(0); // delete cookie
			response.addCookie(ckCMND);
		} else {
			ckUsername.setMaxAge(0); // delete cookie
			response.addCookie(ckUsername);
			ckPassword.setMaxAge(0); // delete cookie
			response.addCookie(ckPassword);
		}
	} else {
		out.print("1"); // đăng nhập thành công
		HttpSession ss = request.getSession();
		if (cmnd != null) {
			ss.setAttribute("type", "TS"); // thí sinh
			ss.setAttribute("maTS", rs.getInt("maTS"));
			ss.setAttribute("hoten", rs.getString("hoten"));
			if (request.getParameter("remember") != null) {
				ckCMND.setValue(cmnd);
				ckCMND.setMaxAge(604800); // 7 days
				response.addCookie(ckCMND);
			} else {
				ckCMND.setMaxAge(0); // delete cookie
				response.addCookie(ckCMND);
			}
		} else {
			ss.setAttribute("type", "QT"); // quản trị
			ss.setAttribute("id", rs.getInt("id"));
			ss.setAttribute("username", rs.getString("username"));
			if (request.getParameter("remember") != null) {
				ckUsername.setValue(username);
				ckUsername.setMaxAge(604800); // 7 days
				response.addCookie(ckUsername);
				ckPassword.setValue(password);
				ckPassword.setMaxAge(604800); // 7 days
				response.addCookie(ckPassword);
			} else {
				ckUsername.setMaxAge(0); // delete cookie
				response.addCookie(ckUsername);
				ckPassword.setMaxAge(0); // delete cookie
				response.addCookie(ckPassword);
			}
		}
		ss.setAttribute("isLogin", true);
	}
	rs.close();

%>

<% dbconn.close();%>